[bitfolk] Re: Thoughts on tightening up Xen Shell's SSH (not yours - that's your business!)

Firewalling to restrict to my IP addresses would work well for me. My home Internet connection is static IP, and when away from home I have a tablet with data-only SIM card which also has a static ip address. I already do this with nftables on my VPS, and SSH brute force attempts are blissfully absent from the logs, and of course it's completely frictionless to use. I realise this might not work for everyone, though. Some form of 2FA might do the trick, better still, the option to do it either way, if that's possible. I wouldn't object to a Web based console if it could be done well and safely but it does seem a rather clunky solution. The IPv6 only idea (if that's what it is) looks interesting, but I'm not sure I fully understand it. -- Anahata Via Android tablet 01535 501017 - 07976 263827 - https://treewind.co.uk On 14 April 2024 01:33:36 BST, Andy Smith via BitFolk Users <users(a)mailman.bitfolk.com> wrote: